100 -Wflex-array-member-not-at-end issues in linux-next

Today I woke up to the great news that we now have “only” 100 -Wflex-array-member-not-at-end issues left to be addressed in linux-next. I started fixing these issues a couple of years ago after running into a memory corruption bug[1] caused by a flexible-array member in the middle of a structure.

I discovered this bug while reviewing my slides a couple of days before presenting at Kernel Recipes 2023 in Paris 🇫🇷. Naturally, I didn’t miss the opportunity to share the story during my presentation[2] and talk about my plans to enable this compiler option upstream.

A few months before Kernel Recipes that year, I had experimented a bit with the, at the time, under-development version of -Wflex-array-member-not-at-end. Honestly, given the number of warnings and issues reported by the compiler, I didn’t pay much attention to it at the time. However, I knew it would eventually become one of the next great challenges to tackle in the Linux Kernel Self-Protection Project[3].

It wasn’t until I confirmed that the bug I had incidentally found while reviewing my slides was also reported by -Wflex-array-member-not-at-end that I began actively addressing these issues and thinking about how to solve the problem as a whole.

In a future post, I’ll dive deeper into the effort and innovations behind this work, but for now I’ll just say that I’m really happy that about 85% of it is complete. As shown in a slide above, we started with 650 unique issues (accounting for roughly 60,000 warnings in total), and after a lot of effort, we’re now in the final phase before we can finally enable this compiler option in mainline Linux. 🙂

I’ve talked about this work at multiple conferences. Below are a couple of presentations for those who want to learn more.

Lastly, a shoutout to Qing Zhao[4], who developed this compiler option and other hardening features in GCC[5] that we use extensively to harden the Linux kernel. Qing retired this year, and all of us in the Linux Kernel Self-Protection Project are glad we had the opportunity to meet and work with her. All the best, Qing.

Thank you!🙂🐧🛡⚔️

P.S. The slides shown in this post are from the following presentation.

List of patches addressing -Wflex-array-member-not-at-end issues in linux-next:

  1. qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
  2. Gaining bounds-checking on trailing arrays in the Linux Kernel
  3. Linux Kernel Self-Protection Project
  4. https://www.linkedin.com/in/qing-zhao-62770120/
  5. GCC features to help harden the kernel

Gustavo A. R. Silva
Gustavo A. R. Silva works full-time as an Upstream Linux Kernel Engineer focused on hardening and proactive security. He has spent the past several years fixing all sorts of bugs and hardening the Linux kernel. His work is supported by The Linux Foundation and the Alpha-Omega project. He’s a member of the Linux Kernel Self-Protection Project, and a regular speaker at Kernel Recipes and Open Source Summit. He has also presented at Linux Security Summit, Lund LinuxCon, Linux Plumbers Conference, Everything Open, The University of Adelaide, and Symposium sur la Sécurité des Technologies de l’Information et des Communications (SSTIC) as an invited speaker.
